Accepting request 706877 from security:privacy

OBS-URL: https://build.opensuse.org/request/show/706877
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/dkgpg?expand=0&rev=9

dkgpg-1.1.1.tar.gz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:3396c4554b01edc7004e14c1792b294ebefcd0045f3fab09ae9cc2002a903eb8
-size 749594

dkgpg-1.1.1.tar.gz.sig

@@ -1,6 +0,0 @@
------BEGIN PGP SIGNATURE-----
-
-iF0EABECAB0WIQR29zARMp0n2418P5dPWE64+yvhTwUCXMSvGwAKCRBPWE64+yvh
-T+BbAJ9K7WvpilcH18gkHF18UVp5tzeFxwCfWEN+jAOZn/YaVlYUfQqdoKWBC4Y=
-=Uaxd
------END PGP SIGNATURE-----

dkgpg-1.1.2.tar.gz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:83f0f8fa061106a3062fc2536cdb5861cb9fed56920ffdf6f061b7eeca83936f
+size 769856

dkgpg-1.1.2.tar.gz.sig

@@ -0,0 +1,6 @@
+-----BEGIN PGP SIGNATURE-----
+
+iF0EABECAB0WIQR29zARMp0n2418P5dPWE64+yvhTwUCXPJyywAKCRBPWE64+yvh
+T/CNAJ9m8/2HemHS4Yk4MXylGRfHGrO05ACdGE0UQur+UAxQ9vpFRMiXvTEajic=
+=Y491
+-----END PGP SIGNATURE-----

dkgpg.changes

@@ -1,3 +1,24 @@
+-------------------------------------------------------------------
+Sun Jun  2 08:25:15 UTC 2019 - Karol Babioch <kbabioch@suse.de>
+
+- Update to version 1.1.2:
+    This release adds a lot of features to some programs: two new options
+    ("-K" and "-f") allow dkg-keysign to read the certification key from a
+    keyring instead of a single key block file. Moreover, with option "-a"
+    an interactive confirmation by the user is required for each signature.
+    Passive support of V5 keys (cf. draft RFC 4880bis) has been added for
+    all programs, however, dkg-generate still generates V4 keys only,
+    because this new feature of the draft is not widely spread. There is
+    also a new encryption capability: an empty KEYSPEC tells dkg-encrypt to
+    create a symmetric-key encrypted session key, i.e., the user has to
+    supply a passphrase for encryption and decryption without any public-key
+    cryptography involved. Last but not least, two bugs have been fixed:
+    First, dkg-decrypt failed on many ZIP-compressed OpenPGP messages with 
+    "ZLIB ERROR: -3 invalid block type" due to a bug in decompression logic.
+    Second, dkg-decrypt failed in a special case of symmetric-key encrypted
+    session keys. Finally, the non-installing program dkg-fuzzer (generates
+    fuzzy samples of somehow corrupted OpenPGP stuctures) has been added.
+
 -------------------------------------------------------------------
 Sun Apr 28 13:14:20 UTC 2019 - Karol Babioch <kbabioch@suse.de>
 

dkgpg.spec

@@ -17,7 +17,7 @@
 
 
 Name:           dkgpg
-Version:        1.1.1
+Version:        1.1.2
 Release:        0
 Summary:        Distributed Key Generation (DKG) and Threshold Cryptography for OpenPGP
 License:        GPL-2.0-or-later
@@ -28,7 +28,7 @@ Source2:        https://download.savannah.gnu.org/releases/dkgpg/%{name}-%{versi
 Source3:        %{name}.keyring
 BuildRequires:  gcc-c++
 BuildRequires:  gmp-devel >= 4.2
-BuildRequires:  libTMCG-devel >= 1.3.15
+BuildRequires:  libTMCG-devel >= 1.3.18
 BuildRequires:  libbz2-devel
 BuildRequires:  libgcrypt-devel >= 1.6
 BuildRequires:  libgpg-error-devel >= 1.12